Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.

  • paysrenttobirds@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    For an aac user, it can be super helpful to be able to install a custom communication system as a keyboard as then they can use it with all the other apps. The keyboard apps have the same disclosures as all the others and you should avoid giving it the ability to export data with access to the Internet. Really any app can do this while you’re in it and ask those name brand apps you bank with or whatever are made by third parties and could be logging anything to anywhere if no one bothered to check.

    That said, I am unhappy with how android play store has never allowed you to filter apps by permission and has made it harder and harder to even see what permissions an app will request or “require”. The permissions system is so good, should be made more fine-grained but instead they seem focused on “data safety statements” that are just cya for the platform as far as I can tell.

    You need something that can watch/report your Internet traffic around the clock and selectively “fail” dns lookups you don’t like or something. I think iPhone does have something like this built in?

    • GnuLinuxDude
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      what permissions an app will request or “require”.

      This is something I dislike about iOS, too. The app store doesn’t distinguish in its privacy summaries.